CI/CD

CI/CD

In software engineering, CI/CD or CICD is the combined practices of continuous integration and either continuous delivery or continuous deployment. CI/CD bridges the gaps between development and operation activities and teams by enforcing automation in building, testing and deployment of applications.

CI/CD

Edgescan has identified the need to shift left and identify vulnerabilities earlier in the software development lifecycle.

For this reason, a fully supported plugin was developed for CI/CD pipelines.  This integration allows DevOps teams to initiate VM scanning from their chosen platform.  Once initiated, a scan will take place, and a pass/fail will be returned depending on configured criteria.  The build will fail if the results do not match the configured criteria.  Otherwise, the build will proceed to the next step if applicable.

This docker image can be deployed to any appropriate environment.

Download Docker Image

Edgescan CI/CD integration

This image allows to kick off an assessment and fails/succeeds according to its result.

It succeeds if the assessment completes with no vulnerabilities found (a tolerance for the risk level can be provided), it fails otherwise.

When it’s not waiting for the scan to finish it succeeds once the assessment is started.

The program will exit with value 0 on success and -1 otherwise.

Getting started

Pull the Docker image

docker pull edgescan/cicd-integration

Execute the Docker image and append --help for details about its usage

docker run --tty edgescan/cicd-integration --help

Configuration can be provided in 3 ways (in order of priority)

1. CLI flags
2. YAML configuration file
3. Environment variables
ParameterCommand line flagField name in configuration fileEnvironment variable nameDefault valueRequired
Asset ID–asset-idasset_idES_ASSET_IDNoneTrue
API Token–api-tokenapi_tokenES_API_TOKENNoneTrue
Base URL–base-urlbase_urlES_BASE_URL“https://live.edgescan.com”False
Max Risk Threshold–max-risk-thresholdmax_risk_thresholdMAX_RISK_THRESHOLD3False
Wait–wait / –no-waitwaitWAITTrueFalse
Color–color / –no-colorcolorCOLORTrueFalse
Proxy–proxyproxyPROXYNoneFalse

Execute the Docker image

Executing with the command line interface

docker run --tty edgescan/cicd-integration --asset-id 1234 --api-token th34p1t0ken

Executing with a YAML config file

docker run --tty -v /local/path/to/file.yml:/cicd-config.yml edgescan/cicd-integration

Executing with environment variables

docker run --tty -e ES_API_TOKEN="th34p1t0ken" -e ES_ASSET=1234 edgescan/cicd-integration

Executing with a dotenv file

docker run --tty --env-file .env edgescan/cicd-integration

Executing with 3 methods

docker run --tty -v /path/to/file.yml:/cicd-config.yml --env-file .env edgescan/cicd-integration --asset-id 1234

Never Compromise threat protection:

Request Demo